package xx.iverson.video_manage.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import xx.iverson.video_manage.entity.SysUser;
import xx.iverson.video_manage.mapper.SysUserMapper;

import javax.servlet.http.HttpSession;
import java.util.HashMap;
import java.util.Map;

/**
 * xx.iverson.video_manage.controller.LoginController
 * 描述：
 * on 2025/9/26-下午2:33
 *
 * @author weijx
 */

@Controller
public class LoginController {

    @Autowired
    private SysUserMapper userService;

    // 登录页面
    @GetMapping("admin/login")
    public String loginPage() {
        return "login";
    }

    // 处理登录请求
    @PostMapping("/login")
    public String login(@RequestParam String username,
                        @RequestParam String password,
                        HttpSession session,
                        Model model) {
        SysUser user = userService.findByUsername(username);

        if (user != null && user.getPassword().equals(
                DigestUtils.md5DigestAsHex(password.getBytes()))) {
            // 登录成功，将用户信息存入session
            session.setAttribute("user", user);
            return "redirect:/admin/video";
        } else {
            // 登录失败
            model.addAttribute("error", "用户名或密码错误");
            return "login";
        }
    }

    // 退出登录
    @GetMapping("/logout")
    public String logout(HttpSession session,Model model) {
        session.removeAttribute("user");
        return "login";
    }


    @PostMapping("/admin/change-password")
    @ResponseBody
    public ResponseEntity<Map<String, Object>> changePassword(
            @RequestParam String currentPassword,
            @RequestParam String newPassword,
            HttpSession session) {

        Map<String, Object> response = new HashMap<>();

        // 检查登录状态
        SysUser user = (SysUser) session.getAttribute("user");
        if (user == null) {
            response.put("success", false);
            response.put("message", "请先登录");
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(response);
        }

        // 验证当前密码
        String encryptedCurrentPassword = DigestUtils.md5DigestAsHex(currentPassword.getBytes());
        if (!user.getPassword().equals(encryptedCurrentPassword)) {
            response.put("success", false);
            response.put("message", "当前密码错误");
            return ResponseEntity.badRequest().body(response);
        }
        String encryptedPassword = DigestUtils.md5DigestAsHex(newPassword.getBytes());
        // 更新密码
        if (userService.updatePassword(user.getId(), encryptedPassword)>0) {
            // 更新session中的用户信息
            user.setPassword(DigestUtils.md5DigestAsHex(newPassword.getBytes()));
            session.setAttribute("user", user);
            response.put("success", true);
            response.put("message", "密码修改成功");
            return ResponseEntity.ok(response);
        } else {
            response.put("success", false);
            response.put("message", "密码修改失败");
            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(response);
        }
    }
}
